Observations on Successfully Handling a Skimming Incident

We recently had the opportunity to assist with the response to a skimming incident at a community bank.  Fortunately, the whole thing was resolved with very few issues, and that was due, in large part, to timely action by all members of the Incident Response Team.

I've heard it said before that properly handling an incident can actually have a positive impact on the reputation of an organization and I would say that I can now confirm that.

So, I thought I'd share 5 observations that I feel made the handling of this skimming incident such a success:

1. Understand that a skimming incident will get the attention of your customers and the media and assume that the news will go public.
2. Timely action, as with any incident, is so important.  Our client assembled their team immediately to develop an action plan with assigned responsibilities.  Having a plan also makes #3 easier as well.
3. Create canned responses and talking points for various groups in your organization: staff calling affected customers, the call center, and frontline staff that may get questions from customers or media.  This ensures a unified message.  Have a written media statement ready, you will be contacted for a response and it's much easier to send a pre-written statement in email than to handle a live interview.
4. Monitor social media.  We did a case study on a past skimming incident that didn't go as well and in that case, there was a total firestorm on Facebook by both customers and the media with no response from bank staff.  Keep a close eye on all forms of social media and have responses ready.
5. Perform routine security checks on your ATMs where you look for skimming devices.  If not, you could find yourself sifting through security footage to determine when the device was installed for customer notification purposes.

Let us know if you have any questions or would like help with handling an incident or developing your incident response plan.